-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 http://nms-cgi.sourceforge.net/
here is that link I mentioned... these are drop-in replacements for Matt's scripts... thanks, shawn On Thu, 21 Feb 2002, Lisa Bogar wrote: > Shawn, > > Yep, your right. I wasn't given the complete information about how they > had neglected to update their code. Thanks for pointing this out. I'm > kind of wondering if some of those log entries someone else experienced > might be due to the same thing this individual incurred. I don't work > with forms so I don't have any idea where the "drop-in" updates are > located, but it is an easy fix I have been told. > > Lisa > > ************************************** > * Lisa L. Bogar * > * Montana State University-Bozeman * > * Information Technology Center * > * Bozeman, MT 59717-3240 * > * * > * Phone: (406) 994-7887 * > * FAX: (406) 994-4600 * > * email: [EMAIL PROTECTED] * > ************************************** > > On Thu, 21 Feb 2002, SecLists wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > You havent seen anything on bugtraq because, sorry to tell you, this is an > > old vulnerability... > > Apparently, from what I hear, Matt's script archive aren't the best > > scripts in the world... I think there is a replacement project on > > sourceforge.net... can't remember the project name though.. anyone? > > supposedly, they are drop-in replacements for all the Matt's script > > stuff... > > > > thanks, > > shawn > > > > On Wed, 20 Feb 2002, Lisa Bogar wrote: > > > > > > > > Someone on campus called me yesterday inquiring about how to stop relaying > > > through sendmail. He thought he had configured his sendmail.cf to not > > > allow relaying, but then got notified he was relaying mail. Today after > > > some searching he found some information about FormMail.pl where it can be > > > used to cause your webserver to relay mail. He found his information from > > > www.8wire.com. Is anyone else familar with this and have you encountered > > > it? The logs show attacks targeted at the cgi-bin that sent out tons of > > > porno spam. > > > > > > Just trying to find out more information and I am surprised if it is > > > indeed happening why I haven't seen anything on CERT or bugtraq. > > > > > > TIA > > > Lisa > > > > > > ************************************** > > > * Lisa L. Bogar * > > > * Montana State University-Bozeman * > > > * Information Technology Center * > > > * Bozeman, MT 59717-3240 * > > > * * > > > * Phone: (406) 994-7887 * > > > * FAX: (406) 994-4600 * > > > * email: [EMAIL PROTECTED] * > > > ************************************** > > > > > > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.0.6 (OpenBSD) > > Comment: For info see http://www.gnupg.org > > > > iD8DBQE8dXdF3Qw8DHute6kRAtt8AJ9GOAAVBi2UjEufJYxQeH2+ENsg5ACgiVrc > > oQcsZ9RFWbe5swaKfI6o5TI= > > =QSB7 > > -----END PGP SIGNATURE----- > > > > > > > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (OpenBSD) Comment: For info see http://www.gnupg.org iD8DBQE8dayg3Qw8DHute6kRAul3AJ0VuZBW423gAF/mAIufwQwQSV9zhwCfXzS+ ido9RQoFhmYJHVUivr5KspU= =yHAT -----END PGP SIGNATURE-----